Insteon Hub
Approved changes feed: RSS · Atom
cpe:2.3:h:insteon:hub:-:*:*:*:*:*:*:*
part: h version: - update: *
| Vendor | Insteon (7b3e838e-214f-5b6e-a9e1-be9bcbb5f079) |
|---|---|
| Product | Hub (88f771b6-a147-555d-b90b-b876e5bdb7c0) |
| Edition | * |
| Language | * |
| Software edition | * |
| Target software | * |
| Target hardware | * |
| Other | * |
| Notes | Imported from NVD CPE 2.0 feed |
PURL mappings
| PURL | Source | Last updated |
|---|---|---|
| No PURL mappings for this CPE yet. | ||
Vulnerability references
| Identifier | cpeApplicability | Submitted | db.gcve.eu details | Rationale |
|---|---|---|---|---|
CVE:CVE-2018-3834 |
not_vulnerable | 2026-06-08 05:11:41.327649 |
Details available
HIGH (8.7)
An exploitable permanent denial of service vulnerability exists in Insteon Hub running firmware version 1013. The firmware upgrade functionality, triggered via PubNub, retrieves signed firmware binaries using plain HTTP requests. The device doesn't check the kind of firmware image that is going to be installed and thus allows for flashing any signed firmware into any MCU. Since the device contains different and incompatible MCUs, flashing one firmware to the wrong MCU will result in a permanent brick condition. To trigger this vulnerability, an attacker needs to impersonate the remote server "cache.insteon.com" and serve a signed firmware image.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T04:57:23.574Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16347 |
not_vulnerable | 2026-06-08 05:09:00.361750 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01e7d4 the value for the s_vol key is copied using strcpy to the buffer at 0xa0001700. This buffer is maximum 12 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.640Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16346 |
not_vulnerable | 2026-06-08 05:09:00.361436 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c368 the value for the s_mac key is copied using strcpy to the buffer at 0xa000170c. This buffer is 25 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between "0" and "3".
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.614Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16345 |
not_vulnerable | 2026-06-08 05:09:00.361117 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c318 the value for the s_port key is copied using strcpy to the buffer at 0xa00017f4. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between "0" and "3".
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.557Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16344 |
not_vulnerable | 2026-06-08 05:09:00.360792 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c2c8 the value for the s_url key is copied using strcpy to the buffer at 0xa0001a0c. This buffer is 16 bytes large, sending anything longer will cause a buffer overflow. The destination can also be shifted by using an sn_speaker parameter between "0" and "3".
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.577Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16343 |
not_vulnerable | 2026-06-08 05:09:00.360449 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c284 the value for the s_vol_brt_delta key is copied using strcpy to the buffer at 0xa0000510. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.578Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16342 |
not_vulnerable | 2026-06-08 05:09:00.360124 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c254 the value for the s_vol_dim_delta key is copied using strcpy to the buffer at 0xa0000514. This buffer is 4 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.504Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16341 |
not_vulnerable | 2026-06-08 05:09:00.359802 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c224 the value for the s_vol_play key is copied using strcpy to the buffer at 0xa0000418. This buffer is maximum 8 bytes large (this is the maximum size it could be, it is possible other global variables are stored between this variable and the next one that we could identify), sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.535Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16340 |
not_vulnerable | 2026-06-08 05:09:00.359460 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01c0e8 the value for the s_dport key is copied using strcpy to the buffer at 0xa000180c. This buffer is 6 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.570Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16339 |
not_vulnerable | 2026-06-08 05:09:00.359084 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bb1c the value for the uri key is copied using strcpy to the buffer at 0xa00016a0. This buffer is 64 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.557Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16338 |
not_vulnerable | 2026-06-08 05:09:00.358665 |
Details available
HIGH (8.5)
An attacker could send an authenticated HTTP request to trigger this vulnerability in Insteon Hub running firmware version 1012. At 0x9d01bad0 the value for the host key is copied using strcpy to the buffer at 0xa00016e0. This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T20:20:05.683Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16336 |
not_vulnerable | 2026-06-08 05:09:00.345572 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_var, at 0x9d01eeb0, the value for the `s_value` key is copied using `strcpy` to the buffer at `$sp+0x10`.This buffer is 244 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:08.350Z
Updated: 2025-04-08T14:22:37.795Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16335 |
not_vulnerable | 2026-06-08 05:09:00.345231 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_var, at 0x9d01ee70, the value for the `s_offset` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:08.256Z
Updated: 2025-04-08T14:24:07.375Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16334 |
not_vulnerable | 2026-06-08 05:09:00.344869 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event, at 0x9d01edb8, the value for the `s_raw` key is copied using `strcpy` to the buffer at `$sp+0x10`.This buffer is 244 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:08.161Z
Updated: 2025-04-08T14:25:27.491Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16333 |
not_vulnerable | 2026-06-08 05:09:00.344523 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event, at 0x9d01ed7c, the value for the `s_offset` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:08.055Z
Updated: 2025-04-08T14:26:57.711Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16332 |
not_vulnerable | 2026-06-08 05:09:00.344170 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_event_alarm, at 0x9d01ec34, the value for the `s_aid` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:02.935Z
Updated: 2025-04-08T14:28:02.593Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16321 |
not_vulnerable | 2026-06-08 05:09:00.340238 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01e050, the value for the `s_sonos_index` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.978Z
Updated: 2025-04-08T15:59:15.677Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16320 |
not_vulnerable | 2026-06-08 05:09:00.339732 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01ddd4, the value for the `s_sonos_cmd` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.889Z
Updated: 2025-04-08T15:59:44.663Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16319 |
not_vulnerable | 2026-06-08 05:09:00.339375 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01d7a8, the value for the `g_sonos_index` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.696Z
Updated: 2025-04-08T15:50:44.017Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16318 |
not_vulnerable | 2026-06-08 05:09:00.339008 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01d16c, the value for the `g_group_off` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.590Z
Updated: 2025-04-08T14:37:14.655Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16317 |
not_vulnerable | 2026-06-08 05:09:00.338552 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01d068, the value for the `g_group` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.469Z
Updated: 2025-04-08T14:38:28.799Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16316 |
not_vulnerable | 2026-06-08 05:09:00.338208 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c898, the value for the `g_meta_page` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.375Z
Updated: 2025-04-08T15:01:36.853Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16315 |
not_vulnerable | 2026-06-08 05:09:00.337858 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c3a0, the value for the `s_state` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:40:00.161Z
Updated: 2025-04-08T15:51:15.976Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16314 |
not_vulnerable | 2026-06-08 05:09:00.337493 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c1cc, the value for the `s_speaker` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.988Z
Updated: 2025-04-08T15:51:43.958Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16313 |
not_vulnerable | 2026-06-08 05:09:00.337147 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c084, the value for the `s_ddelay` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.886Z
Updated: 2025-04-08T15:52:32.102Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16312 |
not_vulnerable | 2026-06-08 05:09:00.336798 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sonos, at 0x9d01c028, the value for the `sn_discover` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.781Z
Updated: 2025-04-08T15:52:59.456Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16311 |
not_vulnerable | 2026-06-08 05:09:00.336504 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd UpdateCheck, at 0x9d01bb64, the value for the `type` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.374Z
Updated: 2025-04-08T15:31:31.707Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16310 |
not_vulnerable | 2026-06-08 05:09:00.336163 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_ch, at 0x9d01b7b0, the value for the `ch` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.285Z
Updated: 2025-04-08T15:32:15.980Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16309 |
not_vulnerable | 2026-06-08 05:09:00.335820 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b3d8, the value for the `d` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.193Z
Updated: 2025-04-08T15:38:19.202Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16308 |
not_vulnerable | 2026-06-08 05:09:00.335481 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b374, the value for the `cmd2` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.113Z
Updated: 2025-04-09T13:23:33.444Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16307 |
not_vulnerable | 2026-06-08 05:09:00.335119 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b310, the value for the `cmd1` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:54.014Z
Updated: 2025-04-09T13:24:17.040Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16306 |
not_vulnerable | 2026-06-08 05:09:00.334767 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b2ac, the value for the `flg` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.922Z
Updated: 2025-04-08T15:53:36.530Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16305 |
not_vulnerable | 2026-06-08 05:09:00.334430 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_exw, at 0x9d01b20c, the value for the `id` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.841Z
Updated: 2025-04-08T16:00:21.311Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16304 |
not_vulnerable | 2026-06-08 05:09:00.334073 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01ae40, the value for the `d` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.753Z
Updated: 2025-04-08T16:00:48.238Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16303 |
not_vulnerable | 2026-06-08 05:09:00.333717 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01addc, the value for the `cmd2` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.659Z
Updated: 2025-04-08T16:01:22.804Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16302 |
not_vulnerable | 2026-06-08 05:09:00.333366 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01ad78, the value for the `cmd1` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.557Z
Updated: 2025-04-08T16:02:05.861Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16301 |
not_vulnerable | 2026-06-08 05:09:00.333008 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_ex, at 0x9d01ad14, the value for the `flg` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:53.181Z
Updated: 2025-04-08T16:02:34.967Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16294 |
not_vulnerable | 2026-06-08 05:09:00.318934 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_schd, at 0x9d01a144, the value for the `on` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:52.536Z
Updated: 2025-04-08T20:33:24.159Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16293 |
not_vulnerable | 2026-06-08 05:09:00.318597 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_schd, at 0x9d01a010, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:47.410Z
Updated: 2025-04-08T15:44:14.718Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16292 |
not_vulnerable | 2026-06-08 05:09:00.318246 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_schd, at 0x9d019c50, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:47.315Z
Updated: 2025-04-08T15:45:54.132Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16291 |
not_vulnerable | 2026-06-08 05:09:00.317876 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sun, at 0x9d019854, the value for the `sunset` key is copied using `strcpy` to the buffer at `$sp+0x334`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:47.223Z
Updated: 2025-04-08T15:46:48.397Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16290 |
not_vulnerable | 2026-06-08 05:09:00.317518 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_sun, at 0x9d01980c, the value for the `sunrise` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:47.121Z
Updated: 2025-04-09T13:24:51.278Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16289 |
not_vulnerable | 2026-06-08 05:09:00.317051 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_utc, at 0x9d0193ac, the value for the `offset` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:47.024Z
Updated: 2025-04-09T13:25:24.411Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16288 |
not_vulnerable | 2026-06-08 05:09:00.316684 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018f60, the value for the `dst` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.936Z
Updated: 2025-04-08T16:05:57.592Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16287 |
not_vulnerable | 2026-06-08 05:09:00.316334 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018f00, the value for the `dstend` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.852Z
Updated: 2025-04-08T16:06:28.649Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16286 |
not_vulnerable | 2026-06-08 05:09:00.315960 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018ea0, the value for the `dststart` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.768Z
Updated: 2025-04-08T16:06:53.149Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16285 |
not_vulnerable | 2026-06-08 05:09:00.315613 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_time, at 0x9d018e58, the value for the `offset` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.685Z
Updated: 2025-04-08T16:07:16.806Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16284 |
not_vulnerable | 2026-06-08 05:09:00.315261 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_name, at 0x9d018958, the value for the `city` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.601Z
Updated: 2025-04-08T16:08:09.906Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16283 |
not_vulnerable | 2026-06-08 05:09:00.314910 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_name, at 0x9d0188a8, the value for the `name` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.234Z
Updated: 2025-04-08T17:45:24.185Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16282 |
not_vulnerable | 2026-06-08 05:09:00.314546 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d01827c, the value for the `dhcp` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.151Z
Updated: 2025-04-08T17:51:33.132Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16281 |
not_vulnerable | 2026-06-08 05:09:00.314196 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d018234, the value for the `sub` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:46.067Z
Updated: 2025-04-08T17:51:52.844Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16280 |
not_vulnerable | 2026-06-08 05:09:00.313829 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d0181ec, the value for the `gate` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.977Z
Updated: 2025-04-08T17:52:12.696Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16279 |
not_vulnerable | 2026-06-08 05:09:00.313471 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d0181a4, the value for the `port` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.890Z
Updated: 2025-04-08T17:52:34.226Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16278 |
not_vulnerable | 2026-06-08 05:09:00.313087 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_net, at 0x9d01815c, the value for the `ip` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.785Z
Updated: 2025-04-09T13:27:09.707Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16277 |
not_vulnerable | 2026-06-08 05:09:00.312721 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d017658, the value for the `gcmd` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.701Z
Updated: 2025-04-09T13:28:11.843Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16276 |
not_vulnerable | 2026-06-08 05:09:00.312344 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d0175f4, the value for the `gbt` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.613Z
Updated: 2025-04-09T13:28:59.838Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16275 |
not_vulnerable | 2026-06-08 05:09:00.311850 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_grp, at 0x9d01758c, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:45.524Z
Updated: 2025-04-09T13:29:36.328Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16274 |
not_vulnerable | 2026-06-08 05:09:00.311494 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd e_u, at 0x9d017364, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:44.434Z
Updated: 2025-04-09T13:30:09.409Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16273 |
not_vulnerable | 2026-06-08 05:09:00.311134 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd e_ml, at 0x9d016fa8, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:44.339Z
Updated: 2025-04-09T13:35:56.011Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16272 |
not_vulnerable | 2026-06-08 05:09:00.310756 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd e_l, at 0x9d016cf0, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:44.256Z
Updated: 2025-04-09T13:36:27.771Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16271 |
not_vulnerable | 2026-06-08 05:09:00.310397 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd e_l, at 0x9d016c94, the value for the `as_c` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:44.160Z
Updated: 2025-04-09T13:37:01.025Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16270 |
not_vulnerable | 2026-06-08 05:09:00.309826 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d01679c, the value for the `s_sonos_cmd` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:39.052Z
Updated: 2025-04-08T17:52:56.824Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16269 |
not_vulnerable | 2026-06-08 05:09:00.309454 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d01672c, the value for the `s_speaker` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.971Z
Updated: 2025-04-08T17:53:32.227Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16268 |
not_vulnerable | 2026-06-08 05:09:00.309079 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d0165c0, the value for the `id` key is copied using `strcpy` to the buffer at `$sp+0x270`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.873Z
Updated: 2025-04-08T17:54:42.290Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16267 |
not_vulnerable | 2026-06-08 05:09:00.308723 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d016578, the value for the `val` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.792Z
Updated: 2025-04-08T17:55:11.329Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16266 |
not_vulnerable | 2026-06-08 05:09:00.308369 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_b, at 0x9d016530, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.710Z
Updated: 2025-04-08T17:55:36.928Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16265 |
not_vulnerable | 2026-06-08 05:09:00.307989 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd l_bt, at 0x9d016104, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.615Z
Updated: 2025-04-08T18:02:42.654Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16264 |
not_vulnerable | 2026-06-08 05:09:00.307605 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd l_b, at 0x9d015cfc, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x1b4`.This buffer is 8 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.526Z
Updated: 2025-04-08T18:10:38.730Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16263 |
not_vulnerable | 2026-06-08 05:09:00.307111 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_b, at 0x9d015a8c, the value for the `val` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.431Z
Updated: 2025-04-08T18:13:29.154Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16262 |
not_vulnerable | 2026-06-08 05:09:00.306757 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_b, at 0x9d015864, the value for the `id` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.344Z
Updated: 2025-04-08T19:45:46.935Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16261 |
not_vulnerable | 2026-06-08 05:09:00.306387 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd g_b, at 0x9d015714, the value for the `grp` key is copied using `strcpy` to the buffer at `$sp+0x280`.This buffer is 16 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.248Z
Updated: 2025-04-09T13:37:38.349Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16260 |
not_vulnerable | 2026-06-08 05:09:00.305994 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_auth, at 0x9d015478, the value for the `pwd` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.138Z
Updated: 2025-04-09T13:25:59.429Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16259 |
not_vulnerable | 2026-06-08 05:09:00.305647 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd s_auth, at 0x9d015430, the value for the `usr` key is copied using `strcpy` to the buffer at `$sp+0x290`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:38.030Z
Updated: 2025-04-09T13:38:11.552Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16258 |
not_vulnerable | 2026-06-08 05:09:00.305277 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_sx, at 0x9d014f7c, the value for the `cmd4` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:37.929Z
Updated: 2025-04-09T13:44:27.704Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16257 |
not_vulnerable | 2026-06-08 05:09:00.304878 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_sx, at 0x9d014f28, the value for the `cmd3` key is copied using `strcpy` to the buffer at `$sp+0x2b0`.This buffer is 32 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:37.840Z
Updated: 2025-04-09T13:44:49.141Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-16256 |
not_vulnerable | 2026-06-08 05:09:00.304388 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exist in the PubNub message handler for the "cc" channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability. In cmd sn_sx, at 0x9d014ebc, the value for the `cmd2` key is copied using `strcpy` to the buffer at `$sp+0x2d0`.This buffer is 100 bytes large, sending anything longer will cause a buffer overflow.
Published: 2023-01-11T21:39:37.747Z
Updated: 2025-04-09T13:45:14.197Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14454 |
not_vulnerable | 2026-06-08 05:08:49.975537 |
Details available
HIGH (8.5)
Multiple exploitable buffer overflow vulnerabilities exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability. The `strcpy` at [18] overflows the buffer `insteon_pubnub.channel_al`, which has a size of 16 bytes.
Published: 2023-01-11T23:34:19.395Z
Updated: 2025-04-09T13:15:57.150Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14452 |
not_vulnerable | 2026-06-08 05:08:49.973507 |
Details available
HIGH (8.5)
An exploitable buffer overflow vulnerability exists in the PubNub message handler for the "control" channel of Insteon Hub running firmware version 1012. Specially crafted replies received from the PubNub service can cause buffer overflows on a global section overwriting arbitrary data. A strcpy overflows the buffer insteon_pubnub.channel_cc_r, which has a size of 16 bytes. An attacker can send an arbitrarily long "c_r" parameter in order to exploit this vulnerability. An attacker should impersonate PubNub and answer an HTTPS GET request to trigger this vulnerability.
Published: 2018-08-23T18:00:00.000Z
Updated: 2024-09-17T04:28:50.538Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14447 |
not_vulnerable | 2026-06-08 05:08:49.967993 |
Details available
HIGH (8.5)
An exploitable buffer overflow vulnerability exists in the PubNub message handler for the 'ad' channel of Insteon Hub running firmware version 1012. Specially crafted commands sent through the PubNub service can cause a stack-based buffer overflow overwriting arbitrary data. An attacker should send an authenticated HTTP request to trigger this vulnerability.
Published: 2018-08-06T17:00:00.000Z
Updated: 2024-09-16T17:28:01.654Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14446 |
not_vulnerable | 2026-06-08 05:08:49.966132 |
Details available
HIGH (8.5)
An exploitable stack-based buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation unsafely extracts parameters from the query string, leading to a buffer overflow on the stack. An attacker can send an HTTP GET request to trigger this vulnerability.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T19:27:40.835Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14445 |
not_vulnerable | 2026-06-08 05:08:49.965777 |
Details available
MEDIUM (5.4)
An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the host parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T19:27:40.486Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2017-14444 |
not_vulnerable | 2026-06-08 05:08:49.965309 |
Details available
HIGH (8.5)
An exploitable buffer overflow vulnerability exists in Insteon Hub running firmware version 1012. The HTTP server implementation incorrectly handles the URL parameter during a firmware update request, leading to a buffer overflow on a global section. An attacker can send an HTTP GET request to trigger this vulnerability.
Published: 2018-08-02T19:00:00.000Z
Updated: 2024-08-05T19:27:40.454Z |
Imported from gcve-enriched-dumps CVE data |
CVE:CVE-2013-4859 |
not_vulnerable | 2026-06-08 05:04:50.029558 |
Details available
INSTEON Hub 2242-222 lacks Web and API authentication
Published: 2019-12-27T16:28:23.000Z
Updated: 2024-08-06T16:59:41.114Z |
Imported from gcve-enriched-dumps CVE data |
Contribute
You can submit an edit proposal for this CPE entry or suggest a related product/vendor addition using the action button above.